NAC Confirms Stolen Data Published Online After Cyberattack
By Aneli Fura
The Namibia Airports Company (NAC) has confirmed that data taken during a recent cyberattack has been published on the dark web following a ransomware incident.
In a statement, NAC revealed that early assessments suggest the compromised information may include files from its airport permit system, parking management databases, engineering and project documentation, financial records, and internal reports.
The breach was initially detected on 6 March 2026, when it was discovered that roughly 500GB of data had been extracted. The attackers, identified as the INC Ransomware Group, had threatened to release the data unless their demands were met.
The Namibia Cyber Security Incident Response Team (NAM-CSIRT) explained that the group is known for using “double-extortion” tactics—stealing sensitive information while also encrypting systems to pressure victims.
NAC said it is still working to determine the full scope of the breach, including whether any personal or highly sensitive data has been affected.
Following the attack, the company implemented containment measures and has since strengthened its cybersecurity systems. Despite the incident, NAC reassured the public that airport operations, as well as safety and security, have not been disrupted.
The organisation added that investigations are ongoing and pledged to keep stakeholders informed as more details emerge.
